Multiple Event Registration Vulnerability in Linux Kernel

Multiple Event Registration Vulnerability in Linux Kernel

CVE-2012-1146 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

The mem_cgroup_usage_unregister_event function in mm/memcontrol.c in the Linux kernel before 3.2.10 does not properly handle multiple events that are attached to the same eventfd, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by registering memory threshold events.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.